@lateos/npm-scan 0.11.4 → 0.11.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.de.md +8 -7
- package/README.fr.md +8 -7
- package/README.ja.md +8 -7
- package/README.md +7 -6
- package/README.zh.md +8 -7
- package/package.json +1 -1
package/README.de.md
CHANGED
|
@@ -38,7 +38,8 @@ Angreifer haben sich längst über einfaches Typosquatting hinausentwickelt. Sie
|
|
|
38
38
|
| Bekannte CVE-Übereinstimmung | ✅ | ✅ | ❌ | ✅ |
|
|
39
39
|
| Statische Analyse | ❌ | ✅ | ✅ | ✅ |
|
|
40
40
|
| Erkennung obfuskierter Payloads | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
-
|
|
|
41
|
+
| AST-Level heuristische Analyse | ❌ | ❌ | ❌ | ✅ |
|
|
42
|
+
| Runtime-Verhaltenssandbox | ❌ | ❌ | ✅ | ✅ |
|
|
42
43
|
| Erkennung bedingter Auslöser (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| Sandbox-Evasion-Erkennung (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
44
45
|
| Transitive Wurmverbreitung (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
|
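Review bot: the removed line at old 41 is empty in this hunk, so 0.11.4 shipped a blank line in the middle of the comparison table; in GitHub-flavored Markdown a blank line terminates the table, which means the three ATK rows below it were rendering as loose text, and replacing the blank with the two new rows is the right fix. The table header is outside the hunk, so confirm it has exactly four tool columns and that the third column belongs to the tool credited with a sandbox in `| Runtime-Verhaltenssandbox | ❌ | ❌ | ✅ | ✅ |`, consistent with the `Statische Analyse` row above it.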
@@ -372,7 +373,7 @@ jobs:
|
|
|
372
373
|
with:
|
|
373
374
|
node-version: 20
|
|
374
375
|
- name: Scan lockfile
|
|
375
|
-
uses: lateos/npm-scan@
|
|
376
|
+
uses: lateos/npm-scan@v1
|
|
376
377
|
with:
|
|
377
378
|
scan-type: lockfile
|
|
378
379
|
fail-on: high
|
|
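Review bot: the removed line `uses: lateos/npm-scan@` has nothing after the `@`, which GitHub Actions rejects when it parses the workflow, so every copy-paste example in the 0.11.4 README was unusable; `@v1` repairs it, but the same empty ref appears three times in each of five README files, so add a CI check that fails the release when a README contains `npm-scan@` with no ref following it.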
@@ -400,7 +401,7 @@ jobs:
|
|
|
400
401
|
#### Beispiel: Bestimmtes Paket mit Policy + SBOM scannen
|
|
401
402
|
|
|
402
403
|
```yaml
|
|
403
|
-
- uses: lateos/npm-scan@
|
|
404
|
+
- uses: lateos/npm-scan@v1
|
|
404
405
|
with:
|
|
405
406
|
scan-type: package
|
|
406
407
|
package: lodash
|
|
@@ -412,7 +413,7 @@ jobs:
|
|
|
412
413
|
#### Beispiel: Mit SIEM-Export scannen (Premium)
|
|
413
414
|
|
|
414
415
|
```yaml
|
|
415
|
-
- uses: lateos/npm-scan@
|
|
416
|
+
- uses: lateos/npm-scan@v1
|
|
416
417
|
with:
|
|
417
418
|
scan-type: lockfile
|
|
418
419
|
siem-format: cef
|
|
@@ -466,7 +467,7 @@ jobs:
|
|
|
466
467
|
with:
|
|
467
468
|
node-version: 20
|
|
468
469
|
- name: Scan lockfile
|
|
469
|
-
uses: lateos/npm-scan@
|
|
470
|
+
uses: lateos/npm-scan@v1
|
|
470
471
|
with:
|
|
471
472
|
scan-type: lockfile
|
|
472
473
|
fail-on: high
|
|
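Review bot: this hunk at 466 is identical to the one at 372 (same `- name: Scan lockfile` step, same `fail-on: high`), and the hunks at 494 and 506 repeat 400 and 412 line for line, so the README carries two full copies of the GitHub Actions example section; deduplicate them so a fix like this one does not have to be applied twice per language (here it had to be applied twice in all five READMEs).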
@@ -494,7 +495,7 @@ jobs:
|
|
|
494
495
|
#### Beispiel: Bestimmtes Paket mit Policy + SBOM scannen
|
|
495
496
|
|
|
496
497
|
```yaml
|
|
497
|
-
- uses: lateos/npm-scan@
|
|
498
|
+
- uses: lateos/npm-scan@v1
|
|
498
499
|
with:
|
|
499
500
|
scan-type: package
|
|
500
501
|
package: lodash
|
|
@@ -506,7 +507,7 @@ jobs:
|
|
|
506
507
|
#### Beispiel: Mit SIEM-Export scannen (Premium)
|
|
507
508
|
|
|
508
509
|
```yaml
|
|
509
|
-
- uses: lateos/npm-scan@
|
|
510
|
+
- uses: lateos/npm-scan@v1
|
|
510
511
|
with:
|
|
511
512
|
scan-type: lockfile
|
|
512
513
|
siem-format: cef
|
package/README.fr.md
CHANGED
|
@@ -38,7 +38,8 @@ Les attaquants ont dépassé le simple typosquatting. Ils livrent désormais des
|
|
|
38
38
|
| Correspondance CVE connus | ✅ | ✅ | ❌ | ✅ |
|
|
39
39
|
| Analyse statique | ❌ | ✅ | ✅ | ✅ |
|
|
40
40
|
| Détection de charges utiles obfusquées | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
-
| Analyse
|
|
41
|
+
| Analyse heuristique au niveau AST | ❌ | ❌ | ❌ | ✅ |
|
|
42
|
+
| Bac à sable comportemental runtime | ❌ | ❌ | ✅ | ✅ |
|
|
42
43
|
| Détection de déclencheurs conditionnels (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| Détection de contournement de sandbox (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
44
45
|
| Propagation transitive de ver (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
|
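Review bot: the removed line here is `| Analyse`, a row cut off after its first word, so in 0.11.4 the French table had a truncated row where the other translations had a blank line; the two replacement rows fix it. Because the damage sits at the same row in every language, check the rest of README.fr.md for other rows clipped by the same edit; the later hunks in this file touch only the action ref, so any other truncation would not be visible in this diff.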
@@ -372,7 +373,7 @@ jobs:
|
|
|
372
373
|
with:
|
|
373
374
|
node-version: 20
|
|
374
375
|
- name: Scan lockfile
|
|
375
|
-
uses: lateos/npm-scan@
|
|
376
|
+
uses: lateos/npm-scan@v1
|
|
376
377
|
with:
|
|
377
378
|
scan-type: lockfile
|
|
378
379
|
fail-on: high
|
|
@@ -400,7 +401,7 @@ jobs:
|
|
|
400
401
|
#### Exemple : scanner un paquet spécifique avec politique + SBOM
|
|
401
402
|
|
|
402
403
|
```yaml
|
|
403
|
-
- uses: lateos/npm-scan@
|
|
404
|
+
- uses: lateos/npm-scan@v1
|
|
404
405
|
with:
|
|
405
406
|
scan-type: package
|
|
406
407
|
package: lodash
|
|
@@ -412,7 +413,7 @@ jobs:
|
|
|
412
413
|
#### Exemple : scanner avec export SIEM (premium)
|
|
413
414
|
|
|
414
415
|
```yaml
|
|
415
|
-
- uses: lateos/npm-scan@
|
|
416
|
+
- uses: lateos/npm-scan@v1
|
|
416
417
|
with:
|
|
417
418
|
scan-type: lockfile
|
|
418
419
|
siem-format: cef
|
|
@@ -466,7 +467,7 @@ jobs:
|
|
|
466
467
|
with:
|
|
467
468
|
node-version: 20
|
|
468
469
|
- name: Scan lockfile
|
|
469
|
-
uses: lateos/npm-scan@
|
|
470
|
+
uses: lateos/npm-scan@v1
|
|
470
471
|
with:
|
|
471
472
|
scan-type: lockfile
|
|
472
473
|
fail-on: high
|
|
@@ -494,7 +495,7 @@ jobs:
|
|
|
494
495
|
#### Exemple : scanner un paquet spécifique avec politique + SBOM
|
|
495
496
|
|
|
496
497
|
```yaml
|
|
497
|
-
- uses: lateos/npm-scan@
|
|
498
|
+
- uses: lateos/npm-scan@v1
|
|
498
499
|
with:
|
|
499
500
|
scan-type: package
|
|
500
501
|
package: lodash
|
|
@@ -506,7 +507,7 @@ jobs:
|
|
|
506
507
|
#### Exemple : scanner avec export SIEM (premium)
|
|
507
508
|
|
|
508
509
|
```yaml
|
|
509
|
-
- uses: lateos/npm-scan@
|
|
510
|
+
- uses: lateos/npm-scan@v1
|
|
510
511
|
with:
|
|
511
512
|
scan-type: lockfile
|
|
512
513
|
siem-format: cef
|
package/README.ja.md
CHANGED
|
@@ -38,7 +38,8 @@
|
|
|
38
38
|
| 既知CVEマッチング | ✅ | ✅ | ❌ | ✅ |
|
|
39
39
|
| 静的解析 | ❌ | ✅ | ✅ | ✅ |
|
|
40
40
|
| 難読化ペイロード検出 | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
-
|
|
|
41
|
+
| ASTレベル、ヒューリスティック解析 | ❌ | ❌ | ❌ | ✅ |
|
|
42
|
+
| ランタイム行動サンドボックス | ❌ | ❌ | ✅ | ✅ |
|
|
42
43
|
| 条件付きトリガー検出 (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| サンドボックス回避検出 (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
44
45
|
| 推移的ワーム伝播 (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
|
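Review bot: the new row `| ASTレベル、ヒューリスティック解析 |` splits the feature name with a 、, which reads as two items (AST level; heuristic analysis) rather than the single capability the other READMEs name (`AST-level heuristic analysis`, `AST-Level heuristische Analyse`); drop the comma or join the two halves so the row names one feature.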
@@ -368,7 +369,7 @@ jobs:
|
|
|
368
369
|
with:
|
|
369
370
|
node-version: 20
|
|
370
371
|
- name: Scan lockfile
|
|
371
|
-
uses: lateos/npm-scan@
|
|
372
|
+
uses: lateos/npm-scan@v1
|
|
372
373
|
with:
|
|
373
374
|
scan-type: lockfile
|
|
374
375
|
fail-on: high
|
|
@@ -396,7 +397,7 @@ jobs:
|
|
|
396
397
|
#### 例:ポリシー+SBOMで特定パッケージをスキャン
|
|
397
398
|
|
|
398
399
|
```yaml
|
|
399
|
-
- uses: lateos/npm-scan@
|
|
400
|
+
- uses: lateos/npm-scan@v1
|
|
400
401
|
with:
|
|
401
402
|
scan-type: package
|
|
402
403
|
package: lodash
|
|
@@ -408,7 +409,7 @@ jobs:
|
|
|
408
409
|
#### 例:SIEMエクスポートでスキャン(プレミアム)
|
|
409
410
|
|
|
410
411
|
```yaml
|
|
411
|
-
- uses: lateos/npm-scan@
|
|
412
|
+
- uses: lateos/npm-scan@v1
|
|
412
413
|
with:
|
|
413
414
|
scan-type: lockfile
|
|
414
415
|
siem-format: cef
|
|
@@ -462,7 +463,7 @@ jobs:
|
|
|
462
463
|
with:
|
|
463
464
|
node-version: 20
|
|
464
465
|
- name: Scan lockfile
|
|
465
|
-
uses: lateos/npm-scan@
|
|
466
|
+
uses: lateos/npm-scan@v1
|
|
466
467
|
with:
|
|
467
468
|
scan-type: lockfile
|
|
468
469
|
fail-on: high
|
|
@@ -490,7 +491,7 @@ jobs:
|
|
|
490
491
|
#### 例:ポリシー+SBOMで特定パッケージをスキャン
|
|
491
492
|
|
|
492
493
|
```yaml
|
|
493
|
-
- uses: lateos/npm-scan@
|
|
494
|
+
- uses: lateos/npm-scan@v1
|
|
494
495
|
with:
|
|
495
496
|
scan-type: package
|
|
496
497
|
package: lodash
|
|
@@ -502,7 +503,7 @@ jobs:
|
|
|
502
503
|
#### 例:SIEMエクスポートでスキャン(プレミアム)
|
|
503
504
|
|
|
504
505
|
```yaml
|
|
505
|
-
- uses: lateos/npm-scan@
|
|
506
|
+
- uses: lateos/npm-scan@v1
|
|
506
507
|
with:
|
|
507
508
|
scan-type: lockfile
|
|
508
509
|
siem-format: cef
|
package/README.md
CHANGED
|
@@ -37,7 +37,8 @@ Attackers have moved past simple typosquatting. They now ship **obfuscated prein
|
|
|
37
37
|
| Known CVE matching | ✅ | ✅ | ❌ | ✅ |
|
|
38
38
|
| Static analysis | ❌ | ✅ | ✅ | ✅ |
|
|
39
39
|
| Obfuscated payload detection | ❌ | ❌ | ❌ | ✅ |
|
|
40
|
-
|
|
|
40
|
+
| AST-level heuristic analysis | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
+
| Runtime behavioral sandbox | ❌ | ❌ | ✅ | ✅ |
|
|
41
42
|
| Conditional trigger detection (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
42
43
|
| Sandbox evasion detection (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| Transitive worm propagation (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
|
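Review bot: `| Runtime behavioral sandbox | ❌ | ❌ | ✅ | ✅ |` is the only new row that grants ✅ to the third column while `Sandbox evasion detection (ATK-010)` directly below stays `❌ ❌ ❌ ✅`, so the table asserts that the third tool runs a sandbox but cannot detect evasion of it; that is a specific comparative claim about a competitor and should carry a footnote or source. Also, `Obfuscated payload detection` and `AST-level heuristic analysis` read as one capability split in two; say in the row names or a footnote what separates them.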
@@ -438,7 +439,7 @@ jobs:
|
|
|
438
439
|
#### Example: scan a specific package with policy + SBOM
|
|
439
440
|
|
|
440
441
|
```yaml
|
|
441
|
-
- uses: lateos/npm-scan@
|
|
442
|
+
- uses: lateos/npm-scan@v1
|
|
442
443
|
with:
|
|
443
444
|
scan-type: package
|
|
444
445
|
package: lodash
|
|
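Review bot: `uses: lateos/npm-scan@v1` pins a floating major tag, and for a supply-chain scanner's own install instructions that is the weakest reference the README could recommend: whoever controls the `lateos/npm-scan` repository, or compromises it, can move `v1` and every consumer workflow runs the new code on its next run. Recommend pinning to a full commit SHA with the tag kept in a trailing comment (`uses: lateos/npm-scan@<sha> # v1`) and say so in the surrounding text; at minimum use a patch tag that is never rewritten.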
@@ -450,7 +451,7 @@ jobs:
|
|
|
450
451
|
#### Example: scan with SIEM export (premium)
|
|
451
452
|
|
|
452
453
|
```yaml
|
|
453
|
-
- uses: lateos/npm-scan@
|
|
454
|
+
- uses: lateos/npm-scan@v1
|
|
454
455
|
with:
|
|
455
456
|
scan-type: lockfile
|
|
456
457
|
siem-format: cef
|
|
@@ -504,7 +505,7 @@ jobs:
|
|
|
504
505
|
with:
|
|
505
506
|
node-version: 20
|
|
506
507
|
- name: Scan lockfile
|
|
507
|
-
uses: lateos/npm-scan@
|
|
508
|
+
uses: lateos/npm-scan@v1
|
|
508
509
|
with:
|
|
509
510
|
scan-type: lockfile
|
|
510
511
|
fail-on: high
|
|
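Review bot: this `Scan lockfile` step is patched only once in README.md (here, at 504), whereas the four translations patch it twice (372 and 466), and the README.md hunks start the example section at 438 rather than 372; so either the first copy of the English lockfile example already carried a version ref or it is missing from the first copy of the section. Check README.md around the first `- name: Scan lockfile` occurrence so the English and translated examples agree.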
@@ -532,7 +533,7 @@ jobs:
|
|
|
532
533
|
#### Example: scan a specific package with policy + SBOM
|
|
533
534
|
|
|
534
535
|
```yaml
|
|
535
|
-
- uses: lateos/npm-scan@
|
|
536
|
+
- uses: lateos/npm-scan@v1
|
|
536
537
|
with:
|
|
537
538
|
scan-type: package
|
|
538
539
|
package: lodash
|
|
@@ -544,7 +545,7 @@ jobs:
|
|
|
544
545
|
#### Example: scan with SIEM export (premium)
|
|
545
546
|
|
|
546
547
|
```yaml
|
|
547
|
-
- uses: lateos/npm-scan@
|
|
548
|
+
- uses: lateos/npm-scan@v1
|
|
548
549
|
with:
|
|
549
550
|
scan-type: lockfile
|
|
550
551
|
siem-format: cef
|
package/README.zh.md
CHANGED
|
@@ -38,7 +38,8 @@
|
|
|
38
38
|
| 已知 CVE 匹配 | ✅ | ✅ | ❌ | ✅ |
|
|
39
39
|
| 静态分析 | ❌ | ✅ | ✅ | ✅ |
|
|
40
40
|
| 混淆载荷检测 | ❌ | ❌ | ❌ | ✅ |
|
|
41
|
-
|
|
|
41
|
+
| AST 级启发式分析 | ❌ | ❌ | ❌ | ✅ |
|
|
42
|
+
| 运行时行为沙箱 | ❌ | ❌ | ✅ | ✅ |
|
|
42
43
|
| 条件触发器检测 (ATK-009) | ❌ | ❌ | ❌ | ✅ |
|
|
43
44
|
| 沙箱逃逸检测 (ATK-010) | ❌ | ❌ | ❌ | ✅ |
|
|
44
45
|
| 传递性蠕虫传播 (ATK-011) | ❌ | ❌ | ❌ | ✅ |
|
|
@@ -372,7 +373,7 @@ jobs:
|
|
|
372
373
|
with:
|
|
373
374
|
node-version: 20
|
|
374
375
|
- name: Scan lockfile
|
|
375
|
-
uses: lateos/npm-scan@
|
|
376
|
+
uses: lateos/npm-scan@v1
|
|
376
377
|
with:
|
|
377
378
|
scan-type: lockfile
|
|
378
379
|
fail-on: high
|
|
@@ -400,7 +401,7 @@ jobs:
|
|
|
400
401
|
#### 示例:使用策略 + SBOM 扫描特定包
|
|
401
402
|
|
|
402
403
|
```yaml
|
|
403
|
-
- uses: lateos/npm-scan@
|
|
404
|
+
- uses: lateos/npm-scan@v1
|
|
404
405
|
with:
|
|
405
406
|
scan-type: package
|
|
406
407
|
package: lodash
|
|
@@ -412,7 +413,7 @@ jobs:
|
|
|
412
413
|
#### 示例:使用 SIEM 导出扫描(高级版)
|
|
413
414
|
|
|
414
415
|
```yaml
|
|
415
|
-
- uses: lateos/npm-scan@
|
|
416
|
+
- uses: lateos/npm-scan@v1
|
|
416
417
|
with:
|
|
417
418
|
scan-type: lockfile
|
|
418
419
|
siem-format: cef
|
|
@@ -466,7 +467,7 @@ jobs:
|
|
|
466
467
|
with:
|
|
467
468
|
node-version: 20
|
|
468
469
|
- name: Scan lockfile
|
|
469
|
-
uses: lateos/npm-scan@
|
|
470
|
+
uses: lateos/npm-scan@v1
|
|
470
471
|
with:
|
|
471
472
|
scan-type: lockfile
|
|
472
473
|
fail-on: high
|
|
@@ -494,7 +495,7 @@ jobs:
|
|
|
494
495
|
#### 示例:使用策略 + SBOM 扫描特定包
|
|
495
496
|
|
|
496
497
|
```yaml
|
|
497
|
-
- uses: lateos/npm-scan@
|
|
498
|
+
- uses: lateos/npm-scan@v1
|
|
498
499
|
with:
|
|
499
500
|
scan-type: package
|
|
500
501
|
package: lodash
|
|
@@ -506,7 +507,7 @@ jobs:
|
|
|
506
507
|
#### 示例:使用 SIEM 导出扫描(高级版)
|
|
507
508
|
|
|
508
509
|
```yaml
|
|
509
|
-
- uses: lateos/npm-scan@
|
|
510
|
+
- uses: lateos/npm-scan@v1
|
|
510
511
|
with:
|
|
511
512
|
scan-type: lockfile
|
|
512
513
|
siem-format: cef
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lateos/npm-scan",
|
|
3
|
-
"version": "0.11.
|
|
3
|
+
"version": "0.11.6",
|
|
4
4
|
"description": "Modern npm supply chain security scanner — detects obfuscated payloads, credential stealers, conditional triggers, sandbox evasion, and worm-like propagation. 11 attack types, SBOM, NIST/EU CRA compliance reporting.",
|
|
5
5
|
"main": "backend/index.js",
|
|
6
6
|
"bin": {
|
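Review bot: the removed version line is truncated in this view (`"version": "0.11.`), and the page header says 0.11.4 → 0.11.6, so this diff spans two releases with no change outside the READMEs and this one field; confirm 0.11.5 carried nothing else. Separately, the README examples now reference the GitHub Action as `lateos/npm-scan@v1` while the npm package is still pre-1.0 at 0.11.6, so `v1` has to be a separately maintained action tag that moves with releases; if it does not exist yet, the fixed examples fail exactly like the empty ref they replace.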